CN113688405A - Bidirectional authentication hybrid encryption method based on block chain - Google Patents
- Publication number
- CN113688405A (application CN202110771469.5A)
- Authority
- CN
- China
- Prior art keywords
- user
- server
- transaction
- data
- account
- Prior art date
- Legal status
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
Abstract
The invention discloses a bidirectional authentication hybrid encryption method based on a block chain, which comprises the following steps: S1, determining public parameters of a system, a public and private key and a block chain account of a user, and a public and private key and a block chain account of a server; S2, registering the user at the server; S3, the user generates a symmetric encryption key for the data to be sent, and encrypts the symmetric encryption key and the data; S4, the user concatenates the ciphertext of the symmetric encryption key and the ciphertext of the data into a bit string and sends an authentication transaction integrated with the hash value of the bit string to the block chain account of the server; S5, the user sends the ciphertext of the symmetric encryption key, the ciphertext of the data and the transaction address of the authentication transaction to the server; S6, the server performs identity authentication on the user; S7, the server verifies the integrity of the received ciphertext; and S8, the server decrypts the ciphertext of the data to recover the plaintext of the data. The user and the server do not need to manage the certificate of the other party.
Description
Technical Field
The invention relates to the technical field of communication, in particular to a bidirectional authentication hybrid encryption method based on a block chain.
Background
The current hybrid encryption is widely applied to the data transmission process, so that both communication parties can realize efficient encryption on the premise of not negotiating a key in advance.
Despite the above advantages of hybrid encryption, applying the hybrid encryption mechanism directly to practice still has the following two problems: first, hybrid encryption does not provide authentication; second, additional mechanisms are needed to ensure the security of public key distribution.
To provide authentication and secure public key distribution, certificate-based public key cryptosystems are currently widely used. Such a cryptosystem relies on a Certificate Authority (CA) to secure public key distribution: the CA binds each user's identity to its public key, issues a certificate to each legitimate user, and certifies the validity of the public key. When users communicate, each authenticates the other by verifying the validity of the other party's certificate.
However, in practice, the user often needs to communicate with a large number of servers, and therefore needs to manage a large number of server certificates, which is a heavy burden for the user. For example, in the current mobile payment environment, a user is only equipped with a mobile device with limited computing and storage capabilities, but needs to perform secure authentication communication with multiple servers to complete payment, and managing the certificates of the servers causes a long time delay at the user end, thereby greatly reducing the user experience.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a bidirectional authentication hybrid encryption method based on a block chain.
The purpose of the invention is realized by the following technical scheme: a bidirectional authentication hybrid encryption method based on a block chain comprises the following steps:
s1, system initialization: determining public parameters of a system, a public and private key and a block chain account of a user and a public and private key and a block chain account of a server according to the security parameters;
s2, registering: the method comprises the steps that a user registers at a server, and after the user successfully registers, the server stores a blockchain account of the user, and the user stores the blockchain account of the server;
s3, data encryption: a user uses a public key of a server as input to execute a key encapsulation algorithm, generates a long random key as a symmetric encryption key of data to be sent, then uses the public key of the server to encrypt the symmetric encryption key, and uses the symmetric encryption key to symmetrically encrypt the data;
s4, transaction issuing: the user connects the ciphertext of the symmetric encryption key and the ciphertext of the data in series to form a bit string, calculates the hash value of the bit string, sends an authentication transaction to the block chain account of the server through the block chain account of the user, and integrates the hash value of the bit string into the authentication transaction;
s5, a data sending step: the user sends the ciphertext of the symmetric encryption key, the ciphertext of the data and the transaction address of the authentication transaction to a server;
s6, identity authentication: the server extracts the block chain account of the user from the authentication transaction, performs identity authentication on the user according to the block chain account of the user, and rejects the data if the identity authentication fails;
s7, data integrity verification: the server extracts the hash value of the bit string from the data field of the authentication transaction, verifies the integrity of the received ciphertext according to the hash value of the bit string, and rejects the data if the integrity verification fails;
s8, data decryption: and the server uses the private key of the server to unpack the symmetric encryption key to obtain the plaintext of the symmetric encryption key, and then uses the symmetric encryption key to decrypt the ciphertext of the data to recover the plaintext of the data.
Preferably, the S2 includes: the method comprises the steps that a user registers at a server, the user issues a transaction as a registration transaction, registration cost is transferred from a blockchain account of the user to the blockchain account of the server, the server stores the blockchain account of the user who successfully registers, the transaction is issued as a receipt transaction, a token 0 is transferred to the blockchain account of the user, and the user stores the blockchain account of the server.
Preferably, the S1 includes:
S11. Determine the common parameter set of the system, $PP = \{p, G, P, h_1, h_2, H, Enc(\cdot), Dec(\cdot)\}$, according to the security parameters, where $p$ is a prime number, $G$ is a cyclic group of order $p$, $P$ is the generator of group $G$, $h_1, h_2$ and $H$ are secure hash functions $h_1, h_2, H: \{0,1\}^* \to Z_p$, $Z_p$ is the integer ring of prime order $p$, $Enc(K, M)$ denotes that a secure symmetric encryption algorithm is selected and $K$ is used as a random encryption key to encrypt $M$, and $Dec(K, C)$ denotes that $K$ is used to decrypt $C$;
s12. userRandom selectionAs usersPrivate key of, computing userOf (2) a public keyUser' sThe blockchain account of
S13, serverRandom selectionAs a serverPrivate key of, a computing serverOf (2) a public keyServerThe blockchain account of
Preferably, the s2. includes:
s21. userIssuing a registration transaction Tx on a blockchainRegFrom users' blockchain accountsTo a serverAccount of block chainTransfer the registration fee, register the trade address asThe registration transaction TxRegIn the Data field, the Registration and the From field areTo field isThe Value field is the amount of the registration fee;
s24, serverDetermining a registration transaction TxRegWhether the To field of (A) isDetermining a registration transaction TxRegWhether the registration fee amount displayed by the Value field meets the requirement or not is judged, and the user is judgedWhether the user is a non-registered user; if register transaction TxRegTo field ofThe registration fee displayed in the Value field meets the requirement and the userIf the user is a non-registered user, the user is consideredRegistration is successful, serverStorage userAccount of block chainOtherwise the serverRejecting a userThe registration request of (2);
s25, the serverIssuing a receipt transaction Tx on a blockchainRecFrom the serverAccount to userAccount of block chainTransfer 0 token, receipt transaction address ofThe receipt transaction TxRecThe middle Data field is set as Registered success history;
s28. userDetermining receipt transaction TxRecWhether the From field of (A) isDetermining receipt transaction TxRecWhether the To field of (A) isDetermining receipt transaction TxRecWhether the Data field of (1) is Registered success; if so, the receipt transaction TxRecFrom field ofTo field isIf the Data field is Registered success, the server is consideredRegistration is successful, userStorage serverAccount of block chain
Preferably, the S3 includes:
s31. userRandomly selecting a random number r ∈ ZpCalculating the median numberObtaining a symmetric encryption key k (h (y)) of the data, and calculating a ciphertext of the symmetric encryption key k
S32. The user calculates the ciphertext of the data, $c' = Enc(k, m)$, where $m$ is the data to be transmitted.
Preferably, the S4 includes: the user creates an authentication transaction $Tx$ that transfers 0 tokens from the user's blockchain account to the server's blockchain account, and sets the Data field of the authentication transaction to the hash value $H(c \| c')$ of the string obtained by concatenating the ciphertext of the symmetric encryption key and the ciphertext of the data; the transaction address of the authentication transaction is $Add_{Tx}$.
Preferably, the S6 includes:
S61. The server receives $\{c, c', Add_{Tx}\}$ and then locates the authentication transaction $Tx$ on the blockchain according to the transaction address $Add_{Tx}$;
S62. The server verifies whether the blockchain account of the user contained in the From field of the authentication transaction $Tx$ belongs to a registered user; if it does not, the server rejects the data.
Preferably, the S7 includes: the server calculates the hash value $data^* = H(c \| c')$, extracts the Data field $data$ from the authentication transaction $Tx$, and verifies the integrity of the data by comparing $data^*$ with $data$; if the verification fails, the server rejects the data.
Preferably, the S8 includes: the server decapsulates the symmetric encryption key of the data by calculating an intermediate number and the symmetric encryption key $k = h(y)$; the server then decrypts $c'$ using the symmetric encryption key $k$ to recover the plaintext of the data $m$, $m = Dec(k, c')$.
The invention has the beneficial effects that: the method of the invention can realize the bidirectional authentication of the user and the server while keeping the high-efficiency encryption function by introducing the block chain, and the user and the server do not need to manage the certificate of the other side.
Drawings
FIG. 1 is a flow chart of the present invention;
FIG. 2 is a registration transaction TxRegA schematic illustration of (1).
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the following embodiments, and it should be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without inventive effort based on the embodiments of the present invention, are within the scope of the present invention.
Referring to fig. 1-2, the present embodiment provides a bidirectional authentication hybrid encryption method based on a blockchain:
as shown in fig. 1, a bidirectional authentication hybrid encryption method based on a blockchain includes:
s1, system initialization: and determining the public parameters of the system, the public and private keys and the blockchain account of the user and the public and private keys and the blockchain account of the server according to the security parameters.
Specifically, the S1 includes:
S11. Determine the common parameter set of the system, $PP = \{p, G, P, h_1, h_2, H, Enc(\cdot), Dec(\cdot)\}$, according to the security parameters, where $p$ is a prime number, $G$ is a cyclic group of order $p$, $P$ is the generator of group $G$, $h_1, h_2$ and $H$ are secure hash functions $h_1, h_2, H: \{0,1\}^* \to Z_p$, and $Z_p$ is the integer ring of prime order $p$; $Enc(K, M)$ denotes that a secure symmetric encryption algorithm is selected and $K$ is used as a random encryption key to encrypt $M$, and the key length of the symmetric encryption algorithm is the security parameter; $Dec(K, C)$ denotes that $K$ is used to decrypt $C$.
S12. userRandom selectionAs usersPrivate key of, computing userOf (2) a public keyUser' sThe blockchain account of
S13, serverRandom selectionAs a serverPrivate key of, a computing serverOf (2) a public keyServerThe blockchain account of
S2, registering: the user registers at the server, and after the user successfully registers, the server stores the blockchain account of the user, and the user stores the blockchain account of the server. For example, the S2 includes: the method comprises the steps that a user registers at a server, the user issues a transaction as a registration transaction, registration cost is transferred from a blockchain account of the user to the blockchain account of the server, the server stores the blockchain account of the user who successfully registers, the transaction is issued as a receipt transaction, a token 0 is transferred to the blockchain account of the user, and the user stores the blockchain account of the server.
Specifically, the s2 includes:
s21. userIssuing a registration transaction Tx on a blockchainRegFrom users' blockchain accountsTo a serverAccount of block chainTransfer the registration fee, register the trade address asThe registration transaction TxRegIn the Data field, the Registration and the From field areTo field isThe Value field is the amount of registration charges, as shown in fig. 2.
S24, serverDetermining a registration transaction TxRegWhether the To field of (A) isDetermining a registration transaction TxRegWhether the registration fee amount displayed by the Value field meets the requirement or not is judged, and the user is judgedWhether the user is a non-registered user; if register transaction TxRegTo field ofThe registration fee displayed in the Value field meets the requirement and the userIf the user is a non-registered user, the user is consideredRegistration is successful, serverStorage userAccount of block chainOtherwise the serverRejecting a userTo the registration request of (3).
I.e. the serverFor registration transaction TxRegPerforming verification, specifically comprising: serverDetermining a registration transaction TxRegWhether the To field of (A) isServerDetermining a registration transaction TxRegIf the registration fee amount is up to the requirement, the serverDetermining a userWhether the user is a non-registered user; if the verification result is' register transaction TxRegTo field ofRegistration transaction TxRegThe Value field displays that the registration fee amount meets the requirement, and the userIs a non-registered user', the user is consideredRegistration is successful, at which point the serverStorage userAccount of block chainOtherwise the serverRejecting a userTo the registration request of (3).
S25, the serverIssuing a receipt transaction Tx on a blockchainRecFrom the serverAccount to userAccount of block chainTransfer 0 token, receipt transaction address ofThe receipt transaction TxRecThe middle Data field is set to Registered success full.
S28. userDetermining receipt transaction TxRecWhether the From field of (A) isDetermining receipt transaction TxRecWhether the To field of (A) isDetermining receipt transaction TxRecWhether the Data field of (1) is Registered success; if so, the receipt transaction TxRecFrom field ofTo field isIf the Data field is Registered success, the server is consideredRegistration is successful, userStorage serverAccount of block chain
I.e. the userFor receipt transaction TxRecPerforming verification, specifically comprising: user' sDetermining receipt transaction TxRecWhether the From field of (A) isUser' sDetermining receipt transaction TxRecWhether the To field of (A) isUser' sDetermining receipt transaction TxRecWhether the Data field of (1) is Registered success; if the verification result is' receipt transaction TxRecFrom field ofReceipt transaction TxRecTo field ofReceipt transaction TxRecThe Data field of (1) is Registered success, then the server is considered asRegistration is successful when the userStorage serverAccount of block chain
S3, data encryption: the user uses the public key of the server as input to execute a key encapsulation algorithm, generates a long random key as a symmetric encryption key of data to be sent, then uses the public key of the server to encrypt the symmetric encryption key, and uses the symmetric encryption key to symmetrically encrypt the data.
Specifically, the S3 includes:
s31. userRandomly selecting a random number r ∈ ZpCalculating the median numberObtaining a symmetric encryption key k (h (y)) of the data, and calculating a ciphertext of the symmetric encryption key k
S4, transaction issuing: and the user concatenates the ciphertext of the symmetric encryption key and the ciphertext of the data into a bit string, calculates the hash value of the bit string, sends an authentication transaction to the block chain account of the server through the block chain account of the user, and integrates the hash value of the bit string into the authentication transaction.
Specifically, the S4 includes: the user creates an authentication transaction $Tx$ that transfers 0 tokens from the user's blockchain account to the server's blockchain account, and sets the Data field of the authentication transaction to the hash value $H(c \| c')$ of the string obtained by concatenating the ciphertext of the symmetric encryption key and the ciphertext of the data; the transaction address of the authentication transaction is $Add_{Tx}$.
S5, a data sending step: and the user sends the ciphertext of the symmetric encryption key, the ciphertext of the data and the transaction address of the authentication transaction to the server.
S6, identity authentication: and the server extracts the block chain account of the user from the authentication transaction, performs identity authentication on the user according to the block chain account of the user, and rejects the data if the identity authentication fails.
Specifically, the S6 includes:
S61. The server receives $\{c, c', Add_{Tx}\}$ and then locates the authentication transaction $Tx$ on the blockchain according to the transaction address $Add_{Tx}$.
S62. The server verifies whether the blockchain account of the user contained in the From field of the authentication transaction $Tx$ belongs to a registered user; if it does not, the server rejects the data.
S7, data integrity verification: and the server extracts the hash value of the bit string from the data field of the authentication transaction, verifies the integrity of the received ciphertext according to the hash value of the bit string, and rejects the data if the integrity verification fails.
Specifically, the S7 includes: the server calculates the hash value $data^* = H(c \| c')$, extracts the Data field $data$ from the authentication transaction $Tx$, and verifies the integrity of the data by comparing $data^*$ with $data$; if the verification fails, the server rejects the data.
S8, data decryption: and the server uses the private key of the server to unpack the symmetric encryption key to obtain the plaintext of the symmetric encryption key, and then uses the symmetric encryption key to decrypt the ciphertext of the data to recover the plaintext of the data.
Specifically, the S8 includes: the server decapsulates the symmetric encryption key of the data by calculating an intermediate number and the symmetric encryption key $k = h(y)$; the server then decrypts $c'$ using the symmetric encryption key $k$ to recover the plaintext of the data $m$, $m = Dec(k, c')$.
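The S3 to S8 flow as an added example, not code from the patent. The encapsulation formulas are not recoverable from this page, so a Diffie-Hellman-style KEM over a toy group, a SHA-256 keystream standing in for Enc/Dec, and an in-memory `Ledger` standing in for the blockchain are assumptions, and all function and class names are hypothetical.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Assumption: toy group (integers mod the prime 2^255 - 19, base 2), illustration only.
P_MOD = 2**255 - 19
G_BASE = 2


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    sk = secrets.randbelow(P_MOD - 3) + 2
    return sk, pow(G_BASE, sk, P_MOD)


def account(pk: int) -> str:
    # Hypothetical address derivation: the account is determined by the public key.
    return H(pk.to_bytes(32, "big")).hex()[:40]


def _kdf(shared: int) -> bytes:
    return H(b"kem-key" + shared.to_bytes(32, "big"))


def encapsulate(server_pk: int):
    """S3: fresh symmetric key k and its ciphertext c (always 32 bytes)."""
    r = secrets.randbelow(P_MOD - 3) + 2
    return _kdf(pow(server_pk, r, P_MOD)), pow(G_BASE, r, P_MOD).to_bytes(32, "big")


def decapsulate(server_sk: int, c: bytes) -> bytes:
    return _kdf(pow(int.from_bytes(c, "big"), server_sk, P_MOD))


def sym(k: bytes, data: bytes) -> bytes:
    """Stand-in for Enc/Dec: XOR with a SHA-256 counter keystream.
    k protects exactly one message, so the keystream is never reused."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = H(k + off.to_bytes(8, "big"))
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


@dataclass(frozen=True)
class Tx:
    sender: str  # From field
    to: str      # To field
    value: int   # Value field (0 tokens for an authentication transaction)
    data: bytes  # Data field: H(c || c')


class Ledger:
    """In-memory stand-in for the chain. A real chain binds the From field to the
    sender's signature; here the caller is trusted to pass its own account."""

    def __init__(self):
        self._txs = {}

    def publish(self, tx: Tx) -> str:
        addr = H(repr(tx).encode() + secrets.token_bytes(8)).hex()
        self._txs[addr] = tx
        return addr

    def get(self, addr: str):
        return self._txs.get(addr)


def user_send(ledger, user_acct, server_acct, server_pk, m: bytes):
    k, c = encapsulate(server_pk)                        # S3: encapsulate key
    c_prime = sym(k, m)                                  # S3: encrypt data
    tx = Tx(user_acct, server_acct, 0, H(c + c_prime))   # S4: commit to H(c || c')
    return c, c_prime, ledger.publish(tx)                # S5: send {c, c', Add_Tx}


def server_receive(ledger, registered, server_sk, c, c_prime, addr) -> bytes:
    tx = ledger.get(addr)                                # S61: locate Tx
    if tx is None or tx.sender not in registered:        # S62: From must be registered
        raise PermissionError("identity authentication failed")
    if not hmac.compare_digest(tx.data, H(c + c_prime)): # S7: data* == data
        raise ValueError("integrity verification failed")
    return sym(decapsulate(server_sk, c), c_prime)       # S8: recover m


if __name__ == "__main__":
    ledger = Ledger()
    (u_sk, u_pk), (s_sk, s_pk) = keygen(), keygen()
    u_acct, s_acct = account(u_pk), account(s_pk)
    c, c_prime, addr = user_send(ledger, u_acct, s_acct, s_pk, b"constructed sample payload")
    print(server_receive(ledger, {u_acct}, s_sk, c, c_prime, addr))
```

Because `c` has a fixed length, the concatenation `c + c_prime` has an unambiguous boundary, which the hash comparison in S7 relies on.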
By introducing the block chain, the method of the invention realizes bidirectional authentication of the user and the server while keeping efficient encryption, and the user and the server do not need to manage each other's certificates. Specifically, the key encapsulation algorithm is built on a public key encryption mechanism: it generates the symmetric encryption key for the data to be sent and encrypts that key under the public key, so the two parties do not need to negotiate a key in advance. The data to be transmitted is long compared with the key, and symmetric encryption is efficient, so the data itself is encrypted symmetrically. Therefore, the method of the invention realizes efficient encryption without the two communicating parties negotiating a key in advance.
In addition, the method uses the public and private keys of the block chain account as the public and private keys of the user. The public key of the user determines a unique account address, so the account address of the user and the user identity have a one-to-one, fixed relationship. Due to the security of the blockchain, other users cannot impersonate the target user to issue a transaction without knowing the private key of the user. When sending data, the user makes a transfer to the receiver's account and integrates the hash value of the ciphertext of the symmetric encryption key and the ciphertext of the data into the transaction, so that the identity authentication of the sender to the receiver is realized; the receiver completes the identity authentication of the sender by verifying the account address contained in the transaction. Therefore, the method of the invention realizes mutual authentication of both communicating parties without certificate management.
The foregoing is illustrative of the preferred embodiments of this invention, and it is to be understood that the invention is not limited to the precise form disclosed herein and that various other combinations, modifications, and environments may be resorted to, falling within the scope of the concept as disclosed herein, either as described above or as apparent to those skilled in the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (10)
1. A bidirectional authentication mixed encryption method based on a block chain is characterized by comprising the following steps:
s1, system initialization: determining public parameters of a system, a public and private key and a block chain account of a user and a public and private key and a block chain account of a server according to the security parameters;
s2, registering: the method comprises the steps that a user registers at a server, and after the user successfully registers, the server stores a blockchain account of the user, and the user stores the blockchain account of the server;
s3, data encryption: a user uses a public key of a server as input to execute a key encapsulation algorithm, generates a long random key as a symmetric encryption key of data to be sent, then uses the public key of the server to encrypt the symmetric encryption key, and uses the symmetric encryption key to symmetrically encrypt the data;
s4, transaction issuing: the user connects the ciphertext of the symmetric encryption key and the ciphertext of the data in series to form a bit string, calculates the hash value of the bit string, sends an authentication transaction to the block chain account of the server through the block chain account of the user, and integrates the hash value of the bit string into the authentication transaction;
s5, a data sending step: the user sends the ciphertext of the symmetric encryption key, the ciphertext of the data and the transaction address of the authentication transaction to a server;
s6, identity authentication: the server extracts the block chain account of the user from the authentication transaction, performs identity authentication on the user according to the block chain account of the user, and rejects the data if the identity authentication fails;
s7, data integrity verification: the server extracts the hash value of the bit string from the data field of the authentication transaction, verifies the integrity of the received ciphertext according to the hash value of the bit string, and rejects the data if the integrity verification fails;
s8, data decryption: and the server uses the private key of the server to unpack the symmetric encryption key to obtain the plaintext of the symmetric encryption key, and then uses the symmetric encryption key to decrypt the ciphertext of the data to recover the plaintext of the data.
2. The method according to claim 1, wherein the S2 includes: the method comprises the steps that a user registers at a server, the user issues a transaction as a registration transaction, registration cost is transferred from a blockchain account of the user to the blockchain account of the server, the server stores the blockchain account of the user who successfully registers, the transaction is issued as a receipt transaction, a token 0 is transferred to the blockchain account of the user, and the user stores the blockchain account of the server.
3. The method according to claim 1, wherein the S1 includes:
S11. Determine the common parameter set of the system, $PP = \{p, G, P, h_1, h_2, H, Enc(\cdot), Dec(\cdot)\}$, according to the security parameters, where $p$ is a prime number, $G$ is a cyclic group of order $p$, $P$ is the generator of group $G$, $h_1, h_2$ and $H$ are secure hash functions $h_1, h_2, H: \{0,1\}^* \to Z_p$, $Z_p$ is the integer ring of prime order $p$, $Enc(K, M)$ denotes that a secure symmetric encryption algorithm is selected and $K$ is used as a random encryption key to encrypt $M$, and $Dec(K, C)$ denotes that $K$ is used to decrypt $C$;
s12. userRandom selectionAs usersPrivate key of, computing userOf (2) a public keyUser' sThe blockchain account of
4. The bidirectional authentication hybrid encryption method based on the blockchain as claimed in claim 3, wherein the S2. comprises:
s21. userIssuing a registration transaction Tx on a blockchainRegFrom users' blockchain accountsTo a serverAccount of block chainTransfer the registration fee, register the trade address asThe registration transaction TxRegIn the Data field, the Registration and the From field areTo field isThe Value field is the amount of the registration fee;
s24, serverDetermining a registration transaction TxRegWhether the To field of (A) isDetermining a registration transaction TxRegWhether the registration fee amount displayed by the Value field meets the requirement or not is judged, and the user is judgedWhether the user is a non-registered user; if register transaction TxRegTo field ofThe registration fee displayed in the Value field meets the requirement and the userIf the user is a non-registered user, the user is consideredSuccessful bankbook, serverStorage userAccount of block chainOtherwise the serverRejecting a userThe registration request of (2);
s25, the serverIssuing a receipt transaction Tx on a blockchainRecFrom the serverAccount to userAccount of block chainTransfer 0 token, receipt transaction address ofThe receipt transaction TxRecThe middle Data field is set as Registered success history;
s28. userDetermining receipt transaction TxRecWhether the From field of (A) isDetermining receipt transaction TxRecWhether the To field of (A) isDetermining receipt transaction TxRecWhether the Data field of (1) is Registered success; if so, the receipt transaction TxRecFrom field ofThe To field is AdduAnd if the Data field is Registered success, the server is consideredRegistration is successful, userStorage serverAccount of block chain
5. The method according to claim 4, wherein the S3 comprises:
s31. userRandomly selecting a random number r ∈ ZpCalculating the median numberObtaining a symmetric encryption key k (h (y)) of the data, and calculating a ciphertext of the symmetric encryption key k
6. The blockchain-based bidirectional authentication hybrid encryption method according to claim 5, wherein the S4 includes: the user creates an authentication transaction $Tx$ that transfers 0 tokens from the user's blockchain account to the server's blockchain account, and sets the Data field of the authentication transaction to the hash value $H(c \| c')$ of the string obtained by concatenating the ciphertext of the symmetric encryption key and the ciphertext of the data; the transaction address of the authentication transaction is $Add_{Tx}$.
8. The method according to claim 7, wherein the S6 includes:
S61. The server receives $\{c, c', Add_{Tx}\}$ and then locates the authentication transaction $Tx$ on the blockchain according to the transaction address $Add_{Tx}$;
9. The block chain-based bidirectional authentication hybrid encryption method according to claim 8, wherein the S7 includes: the server calculates the hash value $data^* = H(c \| c')$, extracts the Data field $data$ from the authentication transaction $Tx$, and verifies the integrity of the data by comparing $data^*$ with $data$; if the verification fails, the server rejects the data.
10. The method according to claim 9, wherein the S8 includes: the server decapsulates the symmetric encryption key of the data by calculating an intermediate number and the symmetric encryption key $k = h(y)$; the server then decrypts $c'$ using the symmetric encryption key $k$ to recover the plaintext of the data $m$, $m = Dec(k, c')$.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110771469.5A CN113688405B (en) | 2021-07-08 | 2021-07-08 | Bidirectional authentication hybrid encryption method based on blockchain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113688405A (en) | 2021-11-23 |
CN113688405B (en) | 2023-05-26 |
Family
ID=78576780
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110771469.5A Active CN113688405B (en) | 2021-07-08 | 2021-07-08 | Bidirectional authentication hybrid encryption method based on blockchain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113688405B (en) |
Also Published As
Publication number | Publication date |
---|---|
CN113688405B (en) | 2023-05-26 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |